Who we are
Drizly is the world’s largest alcohol marketplace and the best way to shop beer, wine and spirits. Our customers trust us to be part of their lives – their celebrations, parties, dinners and quiet nights at home. We are there when it matters - committed to life’s moments and the people who create them. We partner with the best retail stores in over 1200 cities across North America to serve up the best buying experience. Drizly offers a huge selection and competitive pricing with a side of personalized content. That is what we do. Who we are is a different story.
We are more than just another tech company. There is an intellectual curiosity that occurs at Drizly. We have a desire to question, to understand, to figure it out. Bottom line, we solve it. We value not just the truth but the process to get to the truth, to deliberate, decide and then act. Most importantly, we care. We care about our customer. We care about our company. We care about our team. There will be long days and incredible challenges.
We are blazing a trail in an industry that hasn’t changed in nearly a century, and that doesn’t scare us (well, not all the time) -and even when it does, it doesn’t stop us, it energizes us.
Do you see yourself here? Read on.
Who you are
You are an experienced information security expert that has both advised on policy and executed best practices to protect customer data by balancing stakeholders and driving protection against threats and vulnerabilities. You have led the strategy and buildout of highly defensible systems for high growth companies with a knack for testing penetration points across several products and platforms. But you are more than a security strategist. You’re also an engineer that’s well versed in AWS, has experience with public cloud security, platforms, and service and can partner with infrastructure and IT teams.
You have a firm understanding of at least a few industry best practices like ISO 27000 series, NIST SP 800 series, PCI, SOC 2, and experience with managing 3rd party vendor/ integration approval to ensure minimum security/ privacy thresholds are met.
Ideally, you are CISSP or CISA certified.
What the role is
The Senior Director of Security is a critically important role to sustaining Drizly’s rapid growth as the leading ecommerce marketplace for shopping alcohol. By advising on future threats and vulnerabilities to our platform, this role serves as the single point of technical protection for customer data. While elevating the company's culture of security and privacy, the Director of Security will drive strategy and execution on forward-thinking data protection strategies and maintaining compliance.
In this role you will:
- Keep current on applicable laws and regulations and gold standards with respect to the collection and use of data
- Monitor industry security updates, technologies, emerging threats and best practices for continuous improvement
- Drive security related initiatives including but not limited to creating/maintenance of security policies, implementation of security procedures/controls, and monitoring conformance to the policy
- Assess impacts of security incidents and direct incident response as appropriate
- Perform routine security gap assessments and implement remediations
- Be involved in new product development and growth strategy to ensure a privacy by design approach
- Organize trainings for employees throughout the organization on best practices for information security and ensure that our business partners are well versed in our information handling and privacy policies
The Other Stuff
- Competitive salary
- One-on-one professional coaching with an external expert
- Health, Dental and Vision Insurance
- Flexible vacation policy
- 401(K) Plan
- Added perks
You do you.
Drizly is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
BEFORE YOU APPLY...
We ask that you please remove all identifying information from your resume before you upload it on the next page in an effort to help us remove unconscious bias from our resume review process. Drizly is committed to cultivating an inclusive environment where a diverse group of people can and want to do their best work, and that starts with our hiring practices.
Identifying information includes your name, photos, LinkedIn URL, email address and more.